Secure By Design: Multiple Choice Questions (MCQ) with Answers
1. You are part of a software development team building a hospital management application…
Ans : Control access to sensitive data
2. Match the objectives
a. To ensure application has not deviated…
Ans : Operation readiness review
b. To observe information…
Ans : Conduct continuous monitoring
c. To examine security…
Ans : Final security review
3. You are contracted for designing an e-commerce software application…
Ans : Establish privacy and security requirements
4. Match the objectives
a. Erased/Formatting hard disk…
Ans : Eradication
b. Fresh install of OS…
Ans : Recovery
c. Alerts from anti-virus…
Ans : Identification/Detection
d. Quarantining (disconnecting) infected computers…
Ans : Containment
5. Match the objectives
a. To keep dev teams updated…
Ans : Security training
b. To categorize applications…
Ans : User risk assessment
c. To define minimum security…
Ans : Security quality gates
6. An IT company commissions a new software for Human Resources (HR) management…
Ans :
a. Build and execute a disposal/transition plan
b. Sanitize media
7. Match the objectives
a. To ensure security controls…
Ans : Select and document security controls
b. To set security and privacy…
Ans : Establish secure design
c. To understand the risk areas in the approach…
Ans : Attack surface analysis
8. Which of the following changes in Secure SDLC…
Ans : Process change – shift left
9. Bug bounty programs are…
Ans : Threat modeling
10. Match the objectives
a. Scanning source code…
Ans : SAST
b. Scanning a running application…
Ans : DAST
c. Avoiding known coding…
Ans : Version control system
d. Tracking changes…
Ans : Secure coding practices
11. A software development company is reviewing…
Ans : Threat modeling
12. Software for a networking device is written using the C programming language…
Ans :
a. Deprecate unsafe functions
b. Source code scanning using…
13. Following several security breaches…
Ans : Incident response plan
14. Which of the following statements is false?
Ans : Threat modeling involves reviewing…
15. Tampered code…
Ans : Manual secure code reviews
16. In a major data breach, hackers stole payment card data…
Ans : Secure coding trainings were not conducted
17. An organization wants to scan their running application…
Ans : Dynamic Application Security Testing (DAST)
18. A hard disk of the database server…
Ans : Shredding
19. A university hosts their public facing website…
Ans : The university failed to conduct security coding training
20. WordPress is a popular free and open-source content management…
Ans : The IT must maintain an inventory of all….